top of page

The Remote Work Insider Threat: North Korea's Secret Infiltration of U.S. Companies


North Korea operatives continue to use a sophisticated scheme infiltrating U.S. companies by placing operatives in remote IT jobs. This scheme highlights a significant new cybersecurity threat for organizations employing remote workers, forcing companies to grapple with a challenging and evolving insider threat.


These workers use stolen identities and AI techniques to secure positions and mask their origins and identities. These North Korean operatives can provide genuine IT assistance, but their main focus is leverage these insider positions to deploy malware or steal data.


These operations reportedly generate millions for North Korea, circumventing sanctions and allowing Pyongyang to illegally fund its weapons programs. These infiltration attempts target a wide range of industries including media, technology, and aerospace, as well as government agencies. 


These attacks highlight the importance of developing and testing an insider threat program.

Comments


bottom of page